a4b82d5b76faea75e2e2082871d9a784_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a4b82d5b76faea75e2e2082871d9a784_JaffaCakes118
Size

249KB
MD5

a4b82d5b76faea75e2e2082871d9a784
SHA1

370b9efd096ab6078730b041a353c0e92e0df7b9
SHA256

2f7bd7695f58fad1f263056942f11f7c5984a641d547db3a65908b8d3a9531b1
SHA512

b73670f115b06133af9eeff57d319694c512169fbef20d9d3b3145839969bf2d6a5d5e7101d272b9591638801ecc67578739ebf6d064f6d485b7b4e97a93ecf4
SSDEEP

3072:jBMxaTeSQskeo18RJ28zlTeFFlpjyXGntEwK3J0A:jBMxql65rFF8GtZA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4b82d5b76faea75e2e2082871d9a784_JaffaCakes118

Files

a4b82d5b76faea75e2e2082871d9a784_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

60fd82cd70c10702b0123a39c5a25735

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathQuoteSpacesA
StrStrA
PathUnquoteSpacesA
StrChrIA
StrRChrA
StrToIntA
PathRemoveArgsA
StrChrA
StrStrIA
SHGetValueA
PathRemoveFileSpecA
PathAddBackslashA
SHDeleteKeyA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
SHChangeNotify

comctl32

_TrackMouseEvent

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

ole32

CoInitialize
CoUninitialize
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
OleUninitialize
CoCreateInstance
OleInitialize
CoCreateGuid

kernel32

lstrcpyA
GetModuleFileNameA
lstrcmpA
GetSystemTimeAsFileTime
CloseHandle
WaitForSingleObject
CreateThread
Sleep
GetShortPathNameA
lstrcatA
CreateDirectoryA
GetFileAttributesA
DeleteFileA
SetLastError
ReleaseMutex
OpenMutexA
lstrcpynA
SystemTimeToFileTime
GetLocaleInfoA
GetTimeZoneInformation
GetPrivateProfileIntA
lstrcmpiA
GetSystemDirectoryA
GetCurrentProcess
GetCurrentThread
CreateProcessA
CreateMutexA
RemoveDirectoryA
lstrlenA
FindNextFileA
FindFirstFileA
MultiByteToWideChar
GetLastError
CompareFileTime
ReadFile
SetFilePointer
GetFileSize
CreateFileA
GetExitCodeProcess
GetCurrentThreadId
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
WideCharToMultiByte
GetVersionExA
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
GetProcAddress
FreeLibrary
HeapReAlloc
RtlUnwind
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
HeapAlloc
WriteFile
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetModuleHandleA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
FindClose

wsock32

WSACleanup
WSAStartup
ntohs

advapi32

RegCloseKey
RegCreateKeyA
RegDeleteValueA
RegOpenKeyA
RegQueryValueExA
RegCreateKeyExA
RegEnumKeyExA
RegOpenKeyExA
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
RegQueryInfoKeyA
RegEnumKeyA
RegEnumValueA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegSetValueExA

user32

GetMessageA
GetForegroundWindow
GetWindow
GetDesktopWindow
SetFocus
GetWindowTextA
GetWindowTextLengthA
SystemParametersInfoA
DrawTextA
FillRect
GetSysColorBrush
DrawIconEx
MsgWaitForMultipleObjects
PeekMessageA
GetFocus
TranslateMessage
DispatchMessageA
CreateWindowExA
ModifyMenuA
SetMenuItemInfoA
ExitWindowsEx
GetMenu
LoadMenuA
GetSubMenu
SetMenuDefaultItem
SetForegroundWindow
TrackPopupMenu
DestroyMenu
GetUpdateRect
BeginPaint
EndPaint
SetWindowRgn
GetWindowRect
GetSystemMetrics
GetCursorPos
IsDlgButtonChecked
CheckDlgButton
GetParent
GetSysColor
SendDlgItemMessageA
CreateDialogParamA
DestroyWindow
MessageBoxA
IsWindowEnabled
EndDialog
LoadIconA
SendMessageA
LoadStringA
SetWindowTextA
GetDlgItem
ShowWindow
DialogBoxParamA
GetDC
ReleaseDC
KillTimer
SetWindowPos
SetTimer
SetWindowLongA
GetWindowLongA
LoadImageA
SetCursor
InvalidateRect
wsprintfA
IsDialogMessageA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
CallWindowProcA

gdi32

CreateSolidBrush
MoveToEx
LineTo
CreateFontIndirectA
GetTextExtentPoint32A
GetStockObject
SetTextColor
SetBkColor
SetPixel
BitBlt
CreateCompatibleDC
SelectObject
CreateRectRgn
GetPixel
CombineRgn
DeleteDC
GetObjectA
SelectClipRgn
CreatePen
DeleteObject

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60fd82cd70c10702b0123a39c5a25735

Headers

File Characteristics

Imports

shlwapi

shell32

comctl32

version

ole32

kernel32

wsock32

advapi32

user32

gdi32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 68KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 16KB - Virtual size: 84KB

.rsrc Size: 146KB - Virtual size: 145KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 68KB - Virtual size: 68KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 16KB - Virtual size: 84KB

.rsrc
Size: 146KB - Virtual size: 145KB

.reloc
Size: 7KB - Virtual size: 6KB